Cisco Systems OL-5490-01 Manuale Utente
1-2
VPN Client User Guide for Mac OS X
OL-5490-01
Chapter 1 Understanding the VPN Client
VPN Client Overview
VPN Client Overview
The VPN Client works with a Cisco VPN device to create a secure connection, called a tunnel, between
your computer and a private network. It uses Internet Key Exchange (IKE) and Internet Protocol Security
(IPSec) tunneling protocols to establish and manage the secure connection.
your computer and a private network. It uses Internet Key Exchange (IKE) and Internet Protocol Security
(IPSec) tunneling protocols to establish and manage the secure connection.
The steps used to establish a VPN connection can include:
•
Negotiating tunnel parameters (addresses, algorithms, lifetime)
•
Establishing VPN tunnels according to the parameters
•
Authenticating users (from usernames, group names and passwords, and X.509 digital certificates.)
•
Establishing user access rights (hours of access, connection time, allowed destinations, allowed
protocols)
protocols)
•
Managing security keys for encryption and decryption
•
Authenticating, encrypting, and decrypting data through the tunnel
For example, to use a remote PC to read e-mail at your organization, the connection process might be
similar to the following:
similar to the following:
Step 1
Connect to the Internet.
Step 2
Start the VPN Client.
Step 3
Establish a secure connection through the Internet to your organization’s private network.
Step 4
When you open your e-mail
•
The Cisco VPN device
–
Uses IPSec to encrypt the e-mail message
–
Transmits the message through the tunnel to your VPN Client
•
The VPN Client
–
Decrypts the message so you can read it on your remote PC
–
Uses IPSec to process and return the message to the private network through the Cisco VPN
device.
device.